The arrest of the operator LockBit, cyberspionage for FIFA and other cybersecurity events

We have collected the most important news from the world of cybersecurity in a week.

  • The United States requested the extraction of the accused of hacker attacks by LockBit Russian.
  • In Qatar and Greece, the facts of government cyberspiration revealed.
  • In Ukraine, local leaders of fraudulent call centers with an income of € 200 million a year were arrested.
  • In the Russian Federation, the first conviction was sentenced to use a secure messenger.

The United States requested the extraction of the accused of hacker attacks by LockBit Russian

On November 9, Canadian authorities arrested 33-year-old Russian Mikhail Vasiliev on charges of large-scale hacker attacks with the help of LockBit Mrownian Program. This was reported by the Ministry of Justice of the United States.

The arrest of Vasiliev became possible after the detention in October 2021 in Ukraine of his two accomplices.

According to court documents, the accused with the accomplices used LockBit for attacks on critical infrastructure facilities and large industrial companies, requiring multimillion -dollar ransom.

When detaining Vasiliev, two units of firearms, 8 computers, 32 hard drives and over € 400,000 in various cryptocurrencies were seized.

US authorities applied to the court demanding the extradition of a Russian who also has citizenship of Canada. He faces up to five years in prison.

Since its appearance in 2019, Lockbit Excessor attacked at least 1000 people in the USA and around the world. The members of the group received tens of millions of dollars in the form of a ransom from their victims.

The bug in the terminal “delicious – and point” allowed to make free orders

A group of adolescents discovered vulnerability in self -service terminals of the restaurant network “delicious – and point” and ordered food for about a month for free. This is reported by the Baza Telegram channel.

According to him, the incident occurred in October at the Moscow branch of fast food on Volokolamsk highway. In the published video, adolescents order food through the self -service cash desk, after which they turn off the power of the terminal and go to pick up the order.

Most of the attacked sites are controlled by WordPress. Each of them contains about 20,000 spam files.

In the future, compromised resources will probably be used as harmful programs or phishing sites. Another possible script is to attract traffic for advertising fraud.

Sucuri researchers failed to reliably determine the hacking mechanism. According to their assumption, this is due to a vulnerable plugin or selection of passwords of the WordPress administrator.

In Qatar and Greece, the facts of government cyberspiration revealed

Officials of Qatar organized a large -scale and long -term reconnaissance operation against FIFA officials using former CIA operatives. This was reported by the Swiss media.

According to reports, the highest echelons of the Qatar government, including the emir of the country, were involved in the cyberspion. The ultimate goal of the campaign is to prevent Qatar to lose the right to The National Bank accept the upcoming World Cup in 2010.

The budget amounted to $ 387 million, the geography of attacks covered five continents. One of the events included the attraction of at least 66 operatives for nine years.

At the end of October, the FBI initiated an investigation against the former CIVIN agent Kevin Charlker. He is the founder of Global Risk Advisors CEO, which reportedly helped the Katar government to conduct this operation.

Meanwhile, in Greece, local media found out that the country’s government, led by Prime Minister Kiriakos Mitsikitis, ordered illegal monitoring of government officials, journalists and businessmen. They were attacked with the help of Spy on Predator.

The list of victims includes 33 people. One of them is the current Minister of Foreign Affairs of Greece and a member of the ruling party “New Democracy” Nikos Dandias.

In Ukraine, local leaders of fraudulent call centers with an income of € 200 million a year were arrested

Cyber ​​Police of Ukraine and Europol arrested five key members of the international fraudulent network, the damage from which was more than € 200 million a year.

The attackers managed the call centers, deceiving the victims to invest in cryptocurrencies, promotions and options. Also, to work with potential victims, a network of fake sites was created. They showed supposedly growing income, but in fact did not allow me to withdraw funds.

The scheme worked in Ukraine, Germany, Spain, Latvia, Finland and Albania. The total number of employees of call centers exceeded 2000 people.

The Police Raid on One of the Ukraine Call Centers

Three call centers were located in Ukraine. According to cyber police, five detainees are organizers of local operations in Kyiv and Ivano-Frankivsk. During searches, law enforcement officers seized more than 500 units of computer equipment and mobile phones.

The detainees face up to eight years in prison.

Hackers stole Yappy users data

On November 8, the Yappy Vertical Video-Media Controlled Gazprom-Media. About this writes the Telegram channel “Information leaks”.

Openly available were tables for 2 million lines. They contain a name, logins, hash passwords, phone numbers, data data and registration date. The flowing base is relevant for July 1.

Representatives of Yappy confirmed the fact of leakage, but emphasized that “irrelevant dumps of depersonalized user data” were in the public domain ”.

Experts suggest that attackers gained access to information through an account of one of the service administrators.

In the Russian Federation, the first conviction was sentenced to use a secure messenger

Tomsk District Court sentenced the Russian to three years in restriction of freedom for the use of a protected messenger for personal purposes.

According to the case file, we are talking about a protected Vipole messenger. With his help, the defendant “neutralized computer information protecting means, expressed in the impossibility of unambiguous identification of the user and its network activity on the Internet”.

The Russian was charged with the use of harmful computer programs. He pleaded his guilt. The verdict did not enter into legal force and may be appealed.

At the same time, the Ministry of Construction of the Russian Federation sent a letter to public structures and banks, which demanded to report on the use of VPN services. This is written by “Vedomosti”.

The company’s questionnaire should indicate the name and type of VPN, system data, Internet resources for the use of which you need a proxy server, as well as a city, region and country of use.

The list of mailings includes: Roscosmos, Rostec, Gazprom, Rosterbank, VTB, Promsvyazbank, Gazprombank, Otkritie, Alfa-Bank, Rosselkhozbank, Raiffeisenbank, Rosbank and Soskombank. Sources in IT companies explained that the survey is associated with the upcoming blocking of services.

“Kaspersky Laboratory” has already announced plans to disconnect its Kaspersky Secure Connection in the Russian Federation until the end of 2022. Moreover, for users outside the country, the set of functions and VPN servers will not change. Comment the reasons for this decision in the company refused.

Also on FORKLOG:

  • India authorities froze $ 2.5 million related to E-Nuggets.
  • DFX Finance Defi project hacked $ 7.5 million.
  • CFPB has called the most popular schemes of bitcoin canom since 2018.
  • The hackers hacked Deribit transferred 1610 ETH to Tornado Cash. The US authorities themselves accused of promoting the financing of the DPRK nuclear program.
  • A resident of the United States pleaded guilty to Silk Road fraud at 50,000 BTC.
  • Huobi accused the Pnetwork team of “malicious behavior” in the incident with Gala.
  • Binance processed Iran transactions by $ 8 billion bypassing US sanctions.
  • The British branch of Santander will block transfers to crypto -tanks to protect customers.
  • SEC accused the organizers of Trade Coin Club of $ 295 million fraud.

What to read on the weekend?

We offer to recall the case of the MT exchange rate.Gox, which has undergone the largest hacking in the history of cryptocurrencies.

Read the FORKLOG Bitcoin News in our Telegram-cryptocurrency news, courses and analytics.